SHA256: b845787d1f77ef664311ff57f9c7ea6097827bdc853929fd391a72b8baea8561
File name: output.113290602.txt
Detection ratio: 49 / 65
Analysis date: 2018-05-15 01:26:19 UTC ( 4 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.Generic.22928753 20180515
AegisLab Tspy.Hploki.Smaly1!c 20180515
AhnLab-V3 HackTool/Win32.Keygen.C102323 20180514
ALYac Trojan.Generic.22928753 20180514
Antiy-AVL Trojan/Win32.TSGeneric 20180515
Arcabit Trojan.Generic.D15DDD71 20180514
Avast Win32:Malware-gen 20180514
AVG Win32:Malware-gen 20180514
Avira (no cloud) TR/Injector.ppscm 20180515
AVware Trojan.Win32.Generic!BT 20180428
Babable Malware.HighConfidence 20180406
Baidu Win32.Trojan.WisdomEyes.16070401.9500.9667 20180511
BitDefender Trojan.Generic.22928753 20180515
Bkav W32.eHeur.Virus02 20180514
CAT-QuickHeal Trojan.Occamy 20180514
CMC Virus.Win32.Sality!O 20180514
Comodo .UnclassifiedMalware 20180515
Cylance Unsafe 20180515
Cyren W32/Trojan.IGUZ-1691 20180514
Emsisoft Trojan.Generic.22928753 (B) 20180515
Endgame malicious (high confidence) 20180507
ESET-NOD32 a variant of Win32/Injector.DXJM 20180515
F-Secure Trojan.Generic.22928753 20180514
Fortinet W32/Fareit.DXJM!tr 20180514
GData Trojan.Generic.22928753 20180515
Ikarus Backdoor.Win32.Hupigon 20180514
Sophos ML heuristic 20180503
K7AntiVirus Trojan ( 0052e2bb1 ) 20180514
K7GW Trojan ( 0052e2bb1 ) 20180515
Kaspersky UDS:DangerousObject.Multi.Generic 20180515
MAX malware (ai score=98) 20180515
McAfee RDN/Generic.grp 20180514
McAfee-GW-Edition BehavesLike.Win32.Trojan.gc 20180514
Microsoft Trojan:Win32/Occamy.C 20180515
eScan Trojan.Generic.22928753 20180515
NANO-Antivirus Trojan.Win32.Dwn.faniwe 20180515
Palo Alto Networks (Known Signatures) generic.ml 20180515
Panda Trj/CI.A 20180514
Qihoo-360 Win32/Trojan.251 20180515
SentinelOne (Static ML) static engine - malicious 20180225
Sophos AV Mal/Fareit-Q 20180515
Symantec Trojan.Gen.2 20180514
TrendMicro TSPY_HPLOKI.SMALY1 20180515
TrendMicro-HouseCall TSPY_HPLOKI.SMALY1 20180515
VBA32 Trojan.Downloader 20180514
VIPRE Trojan.Win32.Generic!BT 20180514
Webroot W32.Trojan.Gen 20180515
Yandex Trojan.Injector!XPYCescG4TA 20180513
ZoneAlarm by Check Point UDS:DangerousObject.Multi.Generic 20180514
Alibaba 20180514
Avast-Mobile 20180514
ClamAV 20180514
CrowdStrike Falcon (ML) 20180202
Cybereason None
eGambit 20180515
F-Prot 20180514
Jiangmin 20180514
Kingsoft 20180515
Malwarebytes 20180515
nProtect 20180515
Rising 20180514
SUPERAntiSpyware 20180515
Symantec Mobile Insight 20180511
Tencent 20180515
TheHacker 20180509
TotalDefense 20180514
Trustlook 20180515
ViRobot 20180514
Zillya 20180514
Zoner 20180514
The file being studied is a Portable Executable file! More specifically, it is a Win32 EXE file for the Windows GUI subsystem.
PE header basic information
Target machine Intel 386 or later processors and compatible processors
Compilation timestamp 1991-12-12 23:13:00
Entry Point 0x000C22DE
Number of sections 3
PE sections
PE imports
GetProcAddress
GetModuleHandleA
RegCloseKey
ImageList_Add
FindTextA
SaveDC
OleDraw
SysFreeString
CharNextA
VerQueryValueA
Number of PE resources by type
RT_BITMAP 37
RT_STRING 18
RT_GROUP_CURSOR 7
RT_CURSOR 7
RT_RCDATA 3
RT_DIALOG 1
RT_ICON 1
RT_GROUP_ICON 1
Number of PE resources by language
NEUTRAL 46
ENGLISH US 29
PE resources
ExifTool file metadata
MIMEType application/octet-stream
Subsystem Windows GUI
MachineType Intel 386 or later, and compatibles
FileTypeExtension exe
TimeStamp 1991:12:13 00:13:00+01:00
FileType Win32 EXE
PEType PE32
CodeSize 415744
LinkerVersion 2.25
EntryPoint 0xc22de
InitializedDataSize 348160
SubsystemVersion 4.0
ImageVersion 0.0
OSVersion 4.0
UninitializedDataSize 0

File identification
MD5 427eb6dda61189a6d09905e31bdc73f0
SHA1 807b5367a2976903abc7e601b3956c2e9274e736
SHA256 b845787d1f77ef664311ff57f9c7ea6097827bdc853929fd391a72b8baea8561
ssdeep 12288:wqT74Sp+hgo/X8PwF05tlYoYA32MlBkjKdhle:vPZ+hgUywboH3JBkj
authentihash 148d6c3e52187e143da2c1b3cf05890da3c0e88e0181c1ae67979643a4f8377c
imphash ce12b5ed2f9404fb53ed33e0030d887b
File size 407.0 KB ( 416768 bytes )
File type Win32 EXE
Magic literal MS-DOS executable, MZ for MS-DOS
TrID Win32 Executable (generic) (52.9%)
Generic Win/DOS Executable (23.5%)
DOS Executable Generic (23.5%)
Tags peexe

VirusTotal metadata
First submission 2018-04-21 17:43:01 UTC ( 5 months, 1 week ago )
Last submission 2018-05-15 01:26:19 UTC ( 4 months, 1 week ago )
File names s.exe
JL3XWY6BWOAZ.EXE
output.113290602.txt
Condensed report! The following is a condensed report of the behaviour of the file when executed in a controlled environment. The actions and events described were either performed by the file itself or by any other process launched by the executed file or subjected to code injection by the executed file.
Runtime DLLs